Vulnerabilities > Wpbrigade > Loginpress > 1.4.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-18 | CVE-2022-41839 | Unspecified vulnerability in Wpbrigade Loginpress Broken Access Control vulnerability in WordPress LoginPress plugin <= 1.6.2 on WordPress leading to unauth. | 5.3 |
| 2022-03-07 | CVE-2022-0347 | Cross-site Scripting vulnerability in Wpbrigade Loginpress The LoginPress | Custom Login Page Customizer WordPress plugin before 1.5.12 does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting | 4.3 |